Dan Mazzei - Website and Email Server Technical Details


Website Technical Details

This website is a fast and simple place to put information that I deem worthy of publication. This may include but is not limited to items of interest in my personal life, technical articles, DIY projects, and source code.

This site does not track users and only logs the information sent directly to this server. I have never had, and never intend to have, any sort of analytics or advertisements. This is a strictly not-for-profit website.

This website is statically compiled from template files; there is no active server code running on this site. The template compiler is written in Python 3.

From a UX perspective, this site is meant to be accessible above all else. This website uses a library called basement-css for layout and components. It is meant to look good and function well on all screen sizes and with all common rendering engines (browsers). It follows progressive-enhancement best practices. This site is fully keyboard-navigable with the tab, shift+tab, space, and enter keys. For text-based browsers and screen readers, the site provides navigable and easily parseable text content. For basic browsers without JavaScript, the site looks and functions almost exactly as it does with JavaScript (spot the difference!). To accomplish this, the menu uses what is sometimes referred to as the "checkbox hack" to allow opening and closing of menus with no JavaScript whatsoever. JavaScript enables additional but not totally necessary features.



Email Server Technical Details

In addition to the website, this server hosts email for myself, family, and close friends. It aims to handle email in the most convenient and secure way. Where those are mutually exclusive, security is generally favored over convenience, although not always. The basic configuration comes from this article on setting up an email server. Additional configuration was done for security purposes, based on this article and this article. These guides were not followed verbatim. I support and use the Let's Encrypt certificate authority. This configuration is automated with Certbot. Security updates are automatic.

This server uses DKIM, SPF, and DMARC to ensure mail sent from this server is legitimate. To view the associated configuration, you can run "dig danmazzei.com any", "dig mail._domainkey.danmazzei.com", and "dig _dmarc.danmazzei.com any". If you do not trust your receiving email server to verify this domain accurately, you can install a tool such as this DKIM-verifying Thunderbird addon to verify DKIM yourself.
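
An added example, not part of this site's own code: one way to read the SPF, DKIM, and DMARC TXT records that dig prints, including the quoted chunks a long DKIM key is split into. The sample records are constructed (example.org, placeholder key bytes), not this server's real records, and the function names and verdict wording are this example's own.

```python
import base64
import re


def join_txt(dig_line):
    """Join the quoted chunks dig prints for one TXT record."""
    return "".join(re.findall(r'"([^"]*)"', dig_line)) or dig_line.strip()


def parse_tags(record):
    """Parse a 'tag=value; tag=value' list (DKIM and DMARC syntax)."""
    pairs = (p.split("=", 1) for p in record.split(";") if "=" in p)
    return {k.strip().lower(): v.strip() for k, v in pairs}


def check_spf(record):
    terms = record.lower().split()
    if not terms or terms[0] != "v=spf1":
        return "invalid: not an SPF record"
    verdicts = {"-all": "ok: unlisted senders hard-fail",
                "~all": "weak: unlisted senders only soft-fail",
                "+all": "bad: any host may send"}
    return verdicts.get(terms[-1], "review: no terminal -all or ~all")


def check_dkim(record):
    # An empty p= tag means the key was revoked; otherwise it must be base64.
    key = "".join(parse_tags(record).get("p", "").split())
    if not key:
        return "revoked: empty p= tag"
    try:
        size = len(base64.b64decode(key, validate=True))
    except ValueError:
        return "invalid: p= is not base64"
    return f"ok: {size} bytes of key data"


def check_dmarc(record):
    tags = parse_tags(record)
    if tags.get("v") != "DMARC1":
        return "invalid: not a DMARC record"
    verdicts = {"reject": "ok: enforced (reject)", "none": "weak: monitoring only",
                "quarantine": "ok: enforced (quarantine)"}
    return verdicts.get(tags.get("p", "").lower(), "invalid: no usable p=")


# Constructed samples in dig's quoted output form, not real records.
SAMPLE_DKIM = '"v=DKIM1; k=rsa; p=' + "QUJD" * 8 + '" "' + "REVG" * 8 + '"'
SAMPLE_SPF = '"v=spf1 mx ~all"'
SAMPLE_DMARC = '"v=DMARC1; p=none; rua=mailto:postmaster@example.org"'
```

Pass each answer line from dig through join_txt before the matching check, for example check_dkim(join_txt(SAMPLE_DKIM)).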

Everything on this server is logged, usually very verbosely.

This runs on a Debian (Ubuntu) Linux server, with Postfix and Dovecot. I have no intention of running anything other than email and a small website on this server. By limiting myself to this I can keep my email more secure, since fewer things can go wrong (a reduced attack surface). Access is provided through SMTP and IMAP. POP is not supported, and neither is webmail.

For more information about hosting your own email or my server configuration, or to discuss GPG/PGP encryption and signing (client configuration; the server is not involved), please contact me.